001
014
015 package com.liferay.portal.verify;
016
017 import com.liferay.portal.NoSuchRoleException;
018 import com.liferay.portal.model.Group;
019 import com.liferay.portal.model.GroupConstants;
020 import com.liferay.portal.model.ResourceConstants;
021 import com.liferay.portal.model.Role;
022 import com.liferay.portal.model.RoleConstants;
023 import com.liferay.portal.security.permission.ActionKeys;
024 import com.liferay.portal.service.GroupLocalServiceUtil;
025 import com.liferay.portal.service.ResourcePermissionLocalServiceUtil;
026 import com.liferay.portal.service.RoleLocalServiceUtil;
027 import com.liferay.portal.util.PortalInstances;
028
029
032 public class VerifyRole extends VerifyProcess {
033
034 protected void addViewSiteAdministrationPermission(Role role)
035 throws Exception {
036
037 String name = Group.class.getName();
038
039 Group group = GroupLocalServiceUtil.getGroup(
040 role.getCompanyId(), GroupConstants.USER_PERSONAL_SITE);
041
042 String primKey = String.valueOf(group.getGroupId());
043
044 if (!ResourcePermissionLocalServiceUtil.hasResourcePermission(
045 role.getCompanyId(), name, ResourceConstants.SCOPE_GROUP,
046 primKey, role.getRoleId(), ActionKeys.MANAGE_LAYOUTS) ||
047 ResourcePermissionLocalServiceUtil.hasResourcePermission(
048 role.getCompanyId(), name, ResourceConstants.SCOPE_GROUP,
049 primKey, role.getRoleId(),
050 ActionKeys.VIEW_SITE_ADMINISTRATION)) {
051
052 return;
053 }
054
055 ResourcePermissionLocalServiceUtil.addResourcePermission(
056 role.getCompanyId(), name, ResourceConstants.SCOPE_GROUP, primKey,
057 role.getRoleId(), ActionKeys.VIEW_SITE_ADMINISTRATION);
058 }
059
060 protected void deleteImplicitAssociations(Role role) throws Exception {
061 runSQL(
062 "delete from UserGroupGroupRole where roleId = " +
063 role.getRoleId());
064 runSQL("delete from UserGroupRole where roleId = " + role.getRoleId());
065 }
066
067 @Override
068 protected void doVerify() throws Exception {
069 long[] companyIds = PortalInstances.getCompanyIdsBySQL();
070
071 for (long companyId : companyIds) {
072 RoleLocalServiceUtil.checkSystemRoles(companyId);
073
074 try {
075 Role organizationUserRole = RoleLocalServiceUtil.getRole(
076 companyId, RoleConstants.ORGANIZATION_USER);
077
078 deleteImplicitAssociations(organizationUserRole);
079 }
080 catch (NoSuchRoleException nsre) {
081 }
082
083 try {
084 Role powerUserRole = RoleLocalServiceUtil.getRole(
085 companyId, RoleConstants.POWER_USER);
086
087 addViewSiteAdministrationPermission(powerUserRole);
088 }
089 catch (NoSuchRoleException nsre) {
090 }
091
092 try {
093 Role siteMemberRole = RoleLocalServiceUtil.getRole(
094 companyId, RoleConstants.SITE_MEMBER);
095
096 deleteImplicitAssociations(siteMemberRole);
097 }
098 catch (NoSuchRoleException nsre) {
099 }
100 }
101 }
102
103 }